Check: OL6-00-000290
Oracle Linux 6 STIG:
OL6-00-000290
(in versions v2 r7 through v1 r9)
Title
X Windows must not be enabled unless required. (Cat II impact)
Discussion
Unnecessary services should be disabled to decrease the attack surface of the system.
Check Content
To verify the default runlevel is 3, run the following command: # grep initdefault /etc/inittab The output should show the following: id:3:initdefault: If it does not, this is a finding.
Fix Text
Setting the system's runlevel to 3 will prevent automatic startup of the X server. To do so, ensure the following line in "/etc/inittab" features a "3" as shown: id:3:initdefault:
Additional Identifiers
Rule ID: SV-219569r793826_rule
Vulnerability ID: V-219569
Group Title: SRG-OS-000095
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000381 |
The organization configures the information system to provide only essential capabilities. |
CCI-001436 |
The organization disables organization-defined networking protocols within the information system deemed to be nonsecure except for explicitly identified components in support of specific operational requirements. |
Controls
Number | Title |
---|---|
CM-7 |
Least Functionality |